nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

taken into account wildcards in the databases names get from the "mysql.db" table before displaying the db name in the "create db" box

Browse Source
This commit is contained in:
Loïc Chapeaux
2001-10-24 18:46:59 +00:00
parent 88044a1942
commit 85c05f25c4
2 changed files with 57 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ChangeLog
View File

@@ -5,9 +5,15 @@ phpMyAdmin - Changelog
$Id$
$Source$
2001-10-24 Lo<4C>c Chapeaux <lolo@phpheaven.net>
* main.php3:
- taken into account wildcards in the databases names get from the
"mysql.db" table;
- get all privilege at the begenning of the script.
2001-10-24 Marc Delisle <lem9@users.sourceforge.net>
* main.php3 (for Lo<4C>c): a non-empty only_db was removing the
MySQL links on the main page
* main.php3 (for Lo<4C>c): a non-empty only_db was removing the MySQL links on
the main page.
2001-10-23 Robin Johnson <robbat2@users.sourceforge.net>
* Documentation.html: Redid documentation of advanced authentication mode.

89
main.php3
View File

@@ -154,41 +154,51 @@ if ($server > 0)
$common_url_query = 'lang=' . $lang . '&amp;server=' . $server;
// Get user's rights ($dbh and $userlink are links to MySQL defined in the
// "common.lib.php3" library
$create = FALSE;
// Get user's global privileges ($dbh and $userlink are links to MySQL
// defined in the "common.lib.php3" library)
$is_create_priv = FALSE;
$is_process_priv = FALSE;
$is_reload_priv = FALSE;
$is_superuser = @mysql_query('USE mysql', $userlink);
if ($dbh) {
// Does user have global Create priv?
$local_query = 'SELECT * FROM mysql.user WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
$rs_usr = mysql_query($local_query, $dbh);
$local_query = 'SELECT * FROM mysql.user WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
$rs_usr = mysql_query($local_query, $dbh); // Debug: or mysql_die('', $local_query, FALSE);
if ($rs_usr) {
$result_usr = mysql_fetch_array($rs_usr);
$create = ($result_usr['Create_priv'] == 'Y');
$db_to_create = '';
}
// Does user have Create priv on a inexistant db?
// if yes, show him in the dialog the first inexistant db name that we
// find, in most cases it's probably the one he just dropped :)
// (Note: we only get here after a browser reload, I don't know why)
if (!$create) {
$local_query = 'SELECT Db FROM mysql.db WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
$rs_usr = mysql_query($local_query, $dbh);
if ($rs_usr) {
while ($row = mysql_fetch_array($rs_usr)) {
if (!mysql_select_db($row['Db'], $userlink)) {
$db_to_create = $row['Db'];
$create = TRUE;
break;
} // end if
} // end while
mysql_free_result($rs_usr);
} // end if
$result_usr = mysql_fetch_array($rs_usr);
$is_create_priv = ($result_usr['Create_priv'] == 'Y');
$is_process_priv = ($result_usr['Process_priv'] == 'Y');
$is_reload_priv = ($result_usr['Reload_priv'] == 'Y');
mysql_free_result($rs_usr);
} // end if
} // end get user privileges
} // end if
// If the user has Create priv on a inexistant db, show him in the dialog
// the first inexistant db name that we find, in most cases it's probably
// the one he just dropped :)
// (Note: we only get here after a browser reload, I don't know why)
if (!$is_create_priv) {
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Create_priv = \'Y\' AND (User = \'' . sql_addslashes($cfgServer['user']) . '\' OR User = \'\')';
$rs_usr = mysql_query($local_query, $dbh); // Debug: or mysql_die('', $local_query, FALSE);
if (@mysql_numrows($rs_usr) > 0) {
while ($row = mysql_fetch_array($rs_usr)) {
if (!mysql_select_db($row['Db'], $dbh)) {
$re = '(^|(\\\\\\\\)+|[^\])';
$row['Db'] = ereg_replace($re . '%', '\\1...', ereg_replace($re . '_', '\\1?', $row['Db']));
$db_to_create = $row['Db'];
$is_create_priv = TRUE;
break;
} // end if
} // end while
mysql_free_result($rs_usr);
} // end if
} // end if
else {
$db_to_create = '';
} // end else
// The user is allowed to create a db
if ($create) {
if ($is_create_priv) {
echo "\n";
?>
<!-- db creation form -->
@@ -206,8 +216,8 @@ if ($server > 0)
</td>
</tr>
<?php
echo "\n";
} // end create db form
echo "\n";
// Server related links
?>
@@ -231,7 +241,7 @@ if ($server > 0)
<?php
echo "\n";
if (isset($result_usr) && $result_usr['Process_priv'] == 'Y') {
if ($is_process_priv) {
?>
<tr>
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
@@ -242,10 +252,10 @@ if ($server > 0)
</td>
</tr>
<?php
echo "\n";
}
echo "\n";
if (isset($result_usr) && $result_usr['Reload_priv'] == 'Y') {
if ($is_reload_priv) {
?>
<tr>
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
@@ -256,11 +266,10 @@ if ($server > 0)
</td>
</tr>
<?php
echo "\n";
}
echo "\n";
$result = @mysql_query('USE mysql', $userlink);
if (!mysql_error()) {
if ($is_superuser) {
?>
<tr>
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
@@ -286,7 +295,7 @@ if ($server > 0)
}
echo "\n";
// With advanced authentication -> logout
// Logout for advanced authentication
if ($cfgServer['adv_auth'])
{
?>
@@ -299,16 +308,16 @@ if ($server > 0)
</td>
</tr>
<?php
echo "\n";
} // end if
echo "\n";
?>
</table>
</td>
<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
<?php
echo "\n";
} // end of if ($server > 0)
echo "\n";
/**